xds: Ignore application_protocols field for now (#4115)

grpc · Dec 16, 2020 · 644d506 · 644d506
1 parent 2fad6bf
commit 644d506
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 82 deletions.
diff --git a/xds/internal/client/client_lds_test.go b/xds/internal/client/client_lds_test.go
@@ -453,40 +453,6 @@ func (s) TestUnmarshalListener_ServerSide(t *testing.T) {
 			},
 			wantErr: "filter chains count in LDS response does not match expected",
 		},
-		{
-			name: "unexpected application protocol value",
-			resources: []*anypb.Any{
-				{
-					TypeUrl: version.V3ListenerURL,
-					Value: func() []byte {
-						lis := &v3listenerpb.Listener{
-							Name: v3LDSTarget,
-							Address: &v3corepb.Address{
-								Address: &v3corepb.Address_SocketAddress{
-									SocketAddress: &v3corepb.SocketAddress{
-										Address: "0.0.0.0",
-										PortSpecifier: &v3corepb.SocketAddress_PortValue{
-											PortValue: 9999,
-										},
-									},
-								},
-							},
-							FilterChains: []*v3listenerpb.FilterChain{
-								{
-									Name: "filter-chain-1",
-									FilterChainMatch: &v3listenerpb.FilterChainMatch{
-										ApplicationProtocols: []string{"h2"},
-									},
-								},
-							},
-						}
-						mLis, _ := proto.Marshal(lis)
-						return mLis
-					}(),
-				},
-			},
-			wantErr: "application_protocols in LDS response does not match expected",
-		},
 		{
 			name: "unexpected transport socket name",
 			resources: []*anypb.Any{
@@ -508,9 +474,6 @@ func (s) TestUnmarshalListener_ServerSide(t *testing.T) {
 							FilterChains: []*v3listenerpb.FilterChain{
 								{
 									Name: "filter-chain-1",
-									FilterChainMatch: &v3listenerpb.FilterChainMatch{
-										ApplicationProtocols: []string{"managed-mtls"},
-									},
 									TransportSocket: &v3corepb.TransportSocket{
 										Name: "unsupported-transport-socket-name",
 									},
@@ -545,9 +508,6 @@ func (s) TestUnmarshalListener_ServerSide(t *testing.T) {
 							FilterChains: []*v3listenerpb.FilterChain{
 								{
 									Name: "filter-chain-1",
-									FilterChainMatch: &v3listenerpb.FilterChainMatch{
-										ApplicationProtocols: []string{"managed-mtls"},
-									},
 									TransportSocket: &v3corepb.TransportSocket{
 										Name: "envoy.transport_sockets.tls",
 										ConfigType: &v3corepb.TransportSocket_TypedConfig{
@@ -587,9 +547,6 @@ func (s) TestUnmarshalListener_ServerSide(t *testing.T) {
 							FilterChains: []*v3listenerpb.FilterChain{
 								{
 									Name: "filter-chain-1",
-									FilterChainMatch: &v3listenerpb.FilterChainMatch{
-										ApplicationProtocols: []string{"managed-mtls"},
-									},
 									TransportSocket: &v3corepb.TransportSocket{
 										Name: "envoy.transport_sockets.tls",
 										ConfigType: &v3corepb.TransportSocket_TypedConfig{
@@ -630,9 +587,6 @@ func (s) TestUnmarshalListener_ServerSide(t *testing.T) {
 							FilterChains: []*v3listenerpb.FilterChain{
 								{
 									Name: "filter-chain-1",
-									FilterChainMatch: &v3listenerpb.FilterChainMatch{
-										ApplicationProtocols: []string{"managed-mtls"},
-									},
 									TransportSocket: &v3corepb.TransportSocket{
 										Name: "envoy.transport_sockets.tls",
 										ConfigType: &v3corepb.TransportSocket_TypedConfig{
@@ -677,9 +631,6 @@ func (s) TestUnmarshalListener_ServerSide(t *testing.T) {
 							FilterChains: []*v3listenerpb.FilterChain{
 								{
 									Name: "filter-chain-1",
-									FilterChainMatch: &v3listenerpb.FilterChainMatch{
-										ApplicationProtocols: []string{"managed-mtls"},
-									},
 									TransportSocket: &v3corepb.TransportSocket{
 										Name: "envoy.transport_sockets.tls",
 										ConfigType: &v3corepb.TransportSocket_TypedConfig{
@@ -732,9 +683,6 @@ func (s) TestUnmarshalListener_ServerSide(t *testing.T) {
 							FilterChains: []*v3listenerpb.FilterChain{
 								{
 									Name: "filter-chain-1",
-									FilterChainMatch: &v3listenerpb.FilterChainMatch{
-										ApplicationProtocols: []string{"managed-mtls"},
-									},
 								},
 							},
 						}
@@ -768,9 +716,6 @@ func (s) TestUnmarshalListener_ServerSide(t *testing.T) {
 							FilterChains: []*v3listenerpb.FilterChain{
 								{
 									Name: "filter-chain-1",
-									FilterChainMatch: &v3listenerpb.FilterChainMatch{
-										ApplicationProtocols: []string{"managed-mtls"},
-									},
 									TransportSocket: &v3corepb.TransportSocket{
 										Name: "envoy.transport_sockets.tls",
 										ConfigType: &v3corepb.TransportSocket_TypedConfig{
@@ -823,9 +768,6 @@ func (s) TestUnmarshalListener_ServerSide(t *testing.T) {
 							FilterChains: []*v3listenerpb.FilterChain{
 								{
 									Name: "filter-chain-1",
-									FilterChainMatch: &v3listenerpb.FilterChainMatch{
-										ApplicationProtocols: []string{"managed-mtls"},
-									},
 									TransportSocket: &v3corepb.TransportSocket{
 										Name: "envoy.transport_sockets.tls",
 										ConfigType: &v3corepb.TransportSocket_TypedConfig{
@@ -872,9 +814,6 @@ func (s) TestUnmarshalListener_ServerSide(t *testing.T) {
 							FilterChains: []*v3listenerpb.FilterChain{
 								{
 									Name: "filter-chain-1",
-									FilterChainMatch: &v3listenerpb.FilterChainMatch{
-										ApplicationProtocols: []string{"managed-mtls"},
-									},
 									TransportSocket: &v3corepb.TransportSocket{
 										Name: "envoy.transport_sockets.tls",
 										ConfigType: &v3corepb.TransportSocket_TypedConfig{
@@ -933,9 +872,6 @@ func (s) TestUnmarshalListener_ServerSide(t *testing.T) {
 							FilterChains: []*v3listenerpb.FilterChain{
 								{
 									Name: "filter-chain-1",
-									FilterChainMatch: &v3listenerpb.FilterChainMatch{
-										ApplicationProtocols: []string{"managed-mtls"},
-									},
 									TransportSocket: &v3corepb.TransportSocket{
 										Name: "envoy.transport_sockets.tls",
 										ConfigType: &v3corepb.TransportSocket_TypedConfig{
@@ -988,11 +924,11 @@ func (s) TestUnmarshalListener_ServerSide(t *testing.T) {
 	for _, test := range tests {
 		t.Run(test.name, func(t *testing.T) {
 			gotUpdate, err := UnmarshalListener(test.resources, nil)
-			if err != nil && !strings.Contains(err.Error(), test.wantErr) {
-				t.Errorf("UnmarshalListener(%v) = %v wantErr: %q", test.resources, err, test.wantErr)
+			if (err != nil) != (test.wantErr != "") {
+				t.Fatalf("UnmarshalListener(%v) = %v wantErr: %q", test.resources, err, test.wantErr)
 			}
-			if test.wantErr != "" {
-				return
+			if err != nil && !strings.Contains(err.Error(), test.wantErr) {
+				t.Fatalf("UnmarshalListener(%v) = %v wantErr: %q", test.resources, err, test.wantErr)
 			}
 			if !cmp.Equal(gotUpdate, test.wantUpdate, cmpopts.EquateEmpty()) {
 				t.Errorf("UnmarshalListener(%v) = %v want %v", test.resources, gotUpdate, test.wantUpdate)

diff --git a/xds/internal/client/client_xds.go b/xds/internal/client/client_xds.go
@@ -134,19 +134,13 @@ func processServerSideListener(lis *v3listenerpb.Listener) (*ListenerUpdate, err
 		return nil, fmt.Errorf("xds: socket_address port does not match the one in name. Got %q, want %q", p, port)
 	}
 
-	// Make sure that the listener resource contains a single filter chain with
-	// the application_protocols field set to "managed-mtls", and the
-	// "transport_socket" field containing the appropriate security
-	// configuration.
+	// Make sure the listener resource contains a single filter chain. We do not
+	// support multiple filter chains and picking the best match from the list.
 	fcs := lis.GetFilterChains()
 	if n := len(fcs); n != 1 {
 		return nil, fmt.Errorf("xds: filter chains count in LDS response does not match expected. Got %d, want 1", n)
 	}
 	fc := fcs[0]
-	aps := fc.GetFilterChainMatch().GetApplicationProtocols()
-	if len(aps) != 1 || aps[0] != "managed-mtls" {
-		return nil, fmt.Errorf("xds: application_protocols in LDS response does not match expected. Got %v, want %q", aps, "managed-mtls")
-	}
 
 	// If the transport_socket field is not specified, it means that the control
 	// plane has not sent us any security config. This is fine and the server

diff --git a/xds/internal/test/xds_server_integration_test.go b/xds/internal/test/xds_server_integration_test.go
@@ -232,9 +232,6 @@ func listenerResourceWithoutSecurityConfig(t *testing.T, lis net.Listener) *v3li
 		FilterChains: []*v3listenerpb.FilterChain{
 			{
 				Name: "filter-chain-1",
-				FilterChainMatch: &v3listenerpb.FilterChainMatch{
-					ApplicationProtocols: []string{"managed-mtls"},
-				},
 			},
 		},
 	}
@@ -258,9 +255,6 @@ func listenerResourceWithSecurityConfig(t *testing.T, lis net.Listener) *v3liste
 		FilterChains: []*v3listenerpb.FilterChain{
 			{
 				Name: "filter-chain-1",
-				FilterChainMatch: &v3listenerpb.FilterChainMatch{
-					ApplicationProtocols: []string{"managed-mtls"},
-				},
 				TransportSocket: &v3corepb.TransportSocket{
 					Name: "envoy.transport_sockets.tls",
 					ConfigType: &v3corepb.TransportSocket_TypedConfig{